because such items may not be subject to the same level of internal control as other entries.3 Determine the timing of testing. Fraud may occur throughout a period, so the auditor should consider the need to test journal entries throughout the period under audit. However, the auditor should also consider that fraudulent journal entries are often made at the end of the reporting period and should focus on entries made during that time.
4 Ask individuals in the financial reporting process about inappropriate or unusual activity relating to journal entries and adjustments.NOTE: The auditor should document the results of procedures performed to address the possibility that management might override controls.
Reviewing accounting estimates for biases that could result in fraud. (AU-C 240.A52–.A53) The auditor should consider whether differences between amounts supported by audit evidence and the estimates included in the financial statements, even if individually reasonable, indicate a possible bias on the part of entity’s management. If so, the auditor should reconsider the estimates taken as a whole.
The auditor should retrospectively review significant accounting estimates in prior years’ financial statements to determine whether there is a possible bias on the part of management. (Significant accounting estimates are those based on highly sensitive assumptions or significantly affected by management’s judgment.) The review should provide information to the auditor about a possible management bias that can be helpful in evaluating the current year’s estimates. If a management bias is identified, the auditor should evaluate whether the bias represents a risk for material misstatement due to fraud.
Evaluating whether the rationale for significant unusual transactions is appropriate. (AU-C 240.A54) Personnel at the entity engaged in trying to hide a theft or commit fraudulent financial reporting might use unusual or nonstandard transactions to conceal the fraud. The auditor should understand the business rationale for such transactions and whether the rationale suggests that the transactions are fraudulent. When evaluating the transactions, the auditor should consider:
Is the transaction overly complex?
Has management discussed the nature and accounting for the transaction with the audit committee or board of directors?
Is management focusing more on achieving a particular accounting treatment than the underlying economics?
Have any transactions involving special-purpose entities or other unconsolidated related parties been approved by the audit committee or board of directors?
Do transactions involve previously unidentified related parties?
Do transactions involve parties that cannot support the transaction without the help of the audited entity?
Evaluating Audit Evidence
The auditor should:
Assess the risk of material misstatement due to fraud throughout the audit.
Evaluate whether analytical procedures performed as substantive tests or in the overall review indicate a previously unidentified fraud risk.
Evaluate the risk of material misstatement due to fraud at or near the completion of fieldwork.
Respond to misstatements that may result from fraud.
Consider whether identified misstatements may be indicative of fraud, and, if so, evaluate their implications.
(AU-C 240.34–.37)
Evaluating Analytical Procedures
The auditor should consider whether analytical procedures performed as substantive tests or in the overall review stage of the audit indicate a risk of material misstatement due to fraud. The auditor should perform analytical procedures relating to revenue through the end of the reporting period, either as part of the overall review of the audit or separately. If such procedures are not included during the overall review stage of the audit, the auditor should perform analytical procedures specifically related to potentially fraudulent revenue recognition.
The auditor should be alert to responses to inquiries about analytical relationships that are:
Vague or implausible
Inconsistent with other audit evidenceNOTE: The auditor should document other conditions or analytical relationships that result in additional procedures, and any other responses the auditor feels are necessary.
As part of the auditor’s evaluation of analytical procedures performed as substantive tests or in the overall review stage of the audit, and those analytical procedures that relate to revenue through the end of the reporting period, the auditor may find it helpful to consider the following issues:
1 Are there any unusual relationships involving revenues and income at year-end, such as an unexpectedly large amount of revenue reported at the very end of the reporting period from nonstandard transactions, or income that is not consistent with cash flow trends from operations?
2 Are there other unusual or unexpected analytical relationships that should be evaluated? The guidance provides the following examples:An unusual relationship between net income and cash flows from operations may occur if management recorded fictitious revenues and receivables but was unable to manipulate cash.Inconsistent changes in inventory, accounts payable, sales, or cost of sales between the prior period and the current period may indicate a possible employee theft of inventory, because the employee was unable to manipulate all the related accounts.Comparing the entity’s profitability to industry trends, which management cannot manipulate, may indicate trends or differences for further consideration.Unexplained relationships between bad-debt write-offs and comparable industry data, which employees cannot manipulate, may indicate a possible theft of cash receipts.Unusual relationships between sales volume taken from the accounting records and production statistics maintained by operating personnel—which may be more difficult for management to manipulate—may indicate a possible misstatement of sales.(AU-C 240.A58)
Evaluating Fraud Risk at or Near the Completion of Fieldwork
The auditor should, at or near the end of fieldwork, evaluate whether the results of auditing procedures and observations affect the earlier assessment of the risk of material misstatement due to fraud. When making this evaluation, the auditor with final responsibility for the audit should confirm that all audit team members have been communicating information about fraud risks to each other throughout the audit.
Responding to misstatements that may result from fraud. When misstatements are identified, the auditor should consider whether they are indicative of fraud. The auditor may need to consider the impact on materiality and other related responses.
If the auditor believes that the misstatements are fraudulent or may result from fraud, but the effect is not material to the financial statements, the auditor should evaluate the implications for the rest of the audit. If the auditor determines that there are implications, such as implications about management’s integrity, the auditor would reevaluate the assessment of the risk of material misstatement due to fraud and its impact on the nature, timing, and extent of substantive tests and the assessment of control risk if control risk were assessed below the maximum.
If
